Skip to content

No profile (default benchmark)

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000516-AU-000350

    <GroupDescription></GroupDescription>
    Group
  • Splunk Enterprise must be configured to notify the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, when an attack is detected on multiple devices and hosts within its scope of coverage.

    &lt;VulnDiscussion&gt;Detecting when multiple systems are showing anomalies can often indicate an attack. Notifying appropriate personnel can initi...
    Rule Medium Severity
  • SRG-APP-000166-AU-002490

    <GroupDescription></GroupDescription>
    Group
  • Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one uppercase character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Low Severity
  • SRG-APP-000167-AU-002500

    <GroupDescription></GroupDescription>
    Group
  • Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one lowercase character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Low Severity
  • SRG-APP-000168-AU-002510

    <GroupDescription></GroupDescription>
    Group
  • Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one numeric character be used.

    &lt;VulnDiscussion&gt;Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, ...
    Rule Low Severity
  • SRG-APP-000164-AU-002480

    <GroupDescription></GroupDescription>
    Group
  • Splunk Enterprise must enforce a minimum 15-character password length for the account of last resort.

    &lt;VulnDiscussion&gt;The shorter the password, the lower the number of possible combinations that need to be tested before the password is comprom...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules